e1b9695f501379d7155569114d28f7f7

Sharing

Copy URL Twitter E-mail

General

Target

e1b9695f501379d7155569114d28f7f7
Size

1.1MB
MD5

e1b9695f501379d7155569114d28f7f7
SHA1

f4d85be809fb84ee4c53819505c06deea00ec42f
SHA256

7eb27bb095732eba44cc8536b26dd907c1f90c7f82afd5fa397b9b1c6b117c47
SHA512

e80deabbe78969bf3033832b569271efa41d89153ff1dffdc1e99cbcd11c8c9d6612396df0423e47b8e58c9ebc18bc2ef7c25305d296e786fac6cb3628e0385f
SSDEEP

24576:JAeyDWEfldSdX4xGK2709ZQglUCckWgFAsCdjy:JjEfCYU7nCdWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1b9695f501379d7155569114d28f7f7

Files

e1b9695f501379d7155569114d28f7f7
.exe windows:5 windows x86 arch:x86

bb4951626fd6a58539f3c8da425b0e27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pupasa\zofejila8\genoga\tuyi-xutegixup\retalu31 pawika\g.pdb

Imports

kernel32

ExitProcess
GetFileSize
GlobalDeleteAtom
SetFilePointer
lstrlenA
TlsGetValue
GetConsoleAliasExesA
SetLocalTime
CommConfigDialogA
FreeLibrary
InterlockedDecrement
SetFirmwareEnvironmentVariableA
CreateDirectoryW
GetProfileSectionA
GetComputerNameW
SetTapeParameters
GetTickCount
CreateNamedPipeW
GetConsoleAliasesLengthA
GetPrivateProfileStringW
WriteFile
FindActCtxSectionStringA
EnumTimeFormatsW
CreateDirectoryExW
SetProcessPriorityBoost
ActivateActCtx
GlobalAlloc
GetSystemDirectoryW
LoadLibraryW
GetConsoleMode
SetCommConfig
_hread
SizeofResource
GetSystemWow64DirectoryW
SetSystemTimeAdjustment
GetSystemWindowsDirectoryA
GetVersionExW
InterlockedPopEntrySList
GlobalFlags
ReadFile
GetBinaryTypeW
GetOverlappedResult
CompareStringW
SetConsoleTitleA
GlobalUnlock
DeactivateActCtx
GetNamedPipeHandleStateW
VerifyVersionInfoW
ReleaseActCtx
GetStartupInfoA
GetCurrentDirectoryW
ReadConsoleOutputCharacterA
GetProcessHeaps
GetComputerNameExW
SetStdHandle
FreeUserPhysicalPages
SetComputerNameA
VerLanguageNameW
GetAtomNameA
LoadLibraryA
Process32FirstW
CreateSemaphoreW
SetCalendarInfoW
SetConsoleCtrlHandler
SetCurrentDirectoryW
WriteProfileSectionW
VirtualLock
SetConsoleWindowInfo
FindAtomA
WriteProfileStringA
GetProcessShutdownParameters
QueryMemoryResourceNotification
FreeEnvironmentStringsW
VirtualProtect
GetFileAttributesExW
GetCPInfoExA
_lopen
TlsAlloc
GetWindowsDirectoryW
GetVersion
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
LCMapStringW
CopyFileExA
DeleteFileA
CreateFileA
GetStartupInfoW
HeapValidate
IsBadReadPtr
RaiseException
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
InterlockedIncrement
GetProcAddress
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsFree
SetLastError
GetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
WideCharToMultiByte
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
CloseHandle
WriteConsoleA
GetConsoleOutputCP

user32

GetCursorInfo

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 867KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb4951626fd6a58539f3c8da425b0e27

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 867KB - Virtual size: 887KB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 55KB - Virtual size: 55KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 867KB - Virtual size: 887KB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 16KB - Virtual size: 15KB